Manuel Pégourié-Gonnard
f499993cb2
Add ecdsa_from_keypair()
...
Also fix bug/limitation in mpi_copy: would segfault if src just initialised
and not set to a value yet. (This case occurs when copying a context which
contains only the public part of the key, eg.)
2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard
cc0a9d040d
Fix const-correctness of rsa_*_verify()
2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard
211a64c79f
Add eckey to ecdsa conversion in the PK layer
2013-08-20 20:26:28 +02:00
Manuel Pégourié-Gonnard
e09631b7c4
Create ecp_group_copy() and use it
2013-08-20 20:08:29 +02:00
Manuel Pégourié-Gonnard
aa431613b3
Add ecdsa example program
2013-08-20 20:08:29 +02:00
Manuel Pégourié-Gonnard
8eebd012b9
Add an ecdsa_genkey() function
2013-08-20 20:08:28 +02:00
Manuel Pégourié-Gonnard
4846f5ecbc
ecdsa now depends on ASN.1 parse & write
2013-08-20 20:04:16 +02:00
Manuel Pégourié-Gonnard
b694b4896c
Add ecdsa_{read,write}_signature()
2013-08-20 20:04:16 +02:00
Paul Bakker
04784f57e4
Added config check for SSL/TLS module that depends on cipher layer
2013-08-19 13:31:39 +02:00
Paul Bakker
59da0a46a4
Added config check for POLARSSL_SSL_SESSION_TICKETS
2013-08-19 13:27:17 +02:00
Manuel Pégourié-Gonnard
298aae4524
Adapt core OID functions to embeded null bytes
2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard
56a487a17f
Minor ecdsa cleanups
...
- point_format is of no use
- d was init'ed and free'd twice
2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard
0b2726732e
Fix ifdef conditions for EC-related extensions.
...
Was alternatively ECP_C and ECDH_C.
2013-08-16 13:56:17 +02:00
Manuel Pégourié-Gonnard
5734b2d358
Actually use the point format selected for ECDH
2013-08-16 13:56:16 +02:00
Paul Bakker
1f2bc6238b
Made support for the truncated_hmac extension configurable
2013-08-15 13:45:55 +02:00
Paul Bakker
05decb24c3
Made support for the max_fragment_length extension configurable
2013-08-15 13:33:48 +02:00
Paul Bakker
606b4ba20f
Session ticket expiration checked on server
2013-08-15 11:42:48 +02:00
Paul Bakker
a503a63b85
Made session tickets support configurable from config.h
2013-08-14 14:26:03 +02:00
Manuel Pégourié-Gonnard
56dc9e8bba
Authenticate session tickets.
2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard
990c51a557
Encrypt session tickets
2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard
779e42982c
Start adding ticket keys (only key_name for now)
2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
aa0d4d1aff
Add ssl_set_session_tickets()
2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
06650f6a37
Fix reusing session more than once
2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
a5cc6025e7
Parse NewSessionTicket message
2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
60182ef989
ssl_cli: write & parse session ticket extension
2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
75d440192c
Introduce ticket field in session structure
2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
747180391d
Add ssl_get_session() to save session on client
2013-08-14 14:08:03 +02:00
Paul Bakker
48e93c84b7
Made padding modes configurable from config.h
2013-08-14 14:02:48 +02:00
Paul Bakker
1a45d91cf2
Restructured cipher_set_padding_mode() to use switch statement
2013-08-14 14:02:48 +02:00
Manuel Pégourié-Gonnard
ebdc413f44
Add 'no padding' mode
2013-08-14 14:02:48 +02:00
Manuel Pégourié-Gonnard
0e7d2c0f95
Add zero padding
2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
8d4291b52a
Add zeros-and-length (ANSI X.923) padding
2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
679f9e90ad
Add one-and-zeros (ISO/IEC 7816-4) padding
2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
ac56a1aec4
Make cipher_set_padding() actually work
...
(Only one padding mode recognized yet.)
2013-08-14 14:02:46 +02:00
Manuel Pégourié-Gonnard
d5fdcaf9e5
Add cipher_set_padding() (no effect yet)
...
Fix pattern in tests/.gitignore along the way.
2013-08-14 14:02:46 +02:00
Paul Bakker
0f2f0bfc87
CAMELLIA-based PSK and DHE-PSK ciphersuites added
2013-07-26 15:04:03 +02:00
Paul Bakker
d6f41c5bcd
Fixed size of ctx_enc / ctx_dec in ssl for gcm_context size
2013-07-25 17:01:54 +02:00
Paul Bakker
f16db18c55
Fixed header file comments on ciphersuites
2013-07-25 11:30:31 +02:00
Paul Bakker
8c1ede655f
Changed prototype for ssl_set_truncated_hmac() to allow disabling
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
277f7f23e2
Implement hmac truncation
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
57c2852807
Added truncated hmac negociation (without effect)
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
e980a994f0
Add interface for truncated hmac
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
e048b67d0a
Misc minor fixes
...
- avoid "multi-line comment" warning in ssl_client2.c
- rm useless initialisation of mfl_code in ssl_init()
- const-correctness of ssl_parse_*_ext()
- a code formating issue
2013-07-19 12:56:08 +02:00
Manuel Pégourié-Gonnard
ed4af8b57c
Move negotiated max fragment length to session
...
User-set max fragment length remains in ssl_context.
The min of the two is used for sizing fragments.
2013-07-18 14:07:09 +02:00
Manuel Pégourié-Gonnard
581e6b6d6c
Prepare migrating max fragment length to session
...
Remove max_frag_len member so that reseting session by memset()ing it to zero
does the right thing.
2013-07-18 12:32:27 +02:00
Manuel Pégourié-Gonnard
48f8d0dbbd
Read max_fragment_length extension (server)
2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard
8b46459ae5
Add ssl_set_max_frag_len()
2013-07-18 11:18:13 +02:00
Manuel Pégourié-Gonnard
fd5164e283
Fix some more ifdef's RSA/EC, in pk and debug
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
ab2d9836b4
Fix some ifdef's in x509parse
...
While at it:
- move _rsa variants systematically after generic functions
- unsplit x509parse_key_pkcs8_encrypted_der() (reverts a5d9974
)
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
96f3a4e1b3
Rm ecp_keypair.alg
...
Avoid duplicating information already present in pk_context.
2013-07-17 15:59:44 +02:00